Re: may be a buffer overflow problem
| От | Tom Lane |
|---|---|
| Тема | Re: may be a buffer overflow problem |
| Дата | |
| Msg-id | 2298818.1718378281@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: may be a buffer overflow problem (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: may be a buffer overflow problem
|
| Список | pgsql-hackers |
I wrote:
> Seeing that this code is exercised thousands of times a day in the
> regression tests and has had a failure rate of exactly zero (and
> yes, the tests do check the output), there must be some reason
> why it's okay.
After looking a little closer, I think the reason why it works in
practice is that there's always a few bytes of zero padding at the
end of struct sqlca_t.
I don't see any value in changing individual code sites that are
depending on that, because there are surely many more, both in
our own code and end users' code. What I suggest we ought to do
is formalize the existence of that zero pad. Perhaps like this:
char sqlstate[5];
+ char sqlstatepad; /* nul terminator for sqlstate */
};
Another way could be to change
- char sqlstate[5];
+ char sqlstate[6];
but I fear that could have unforeseen consequences in code that
is paying attention to sizeof(sqlstate).
Either way there are probably doc adjustments to be made.
regards, tom lane
В списке pgsql-hackers по дате отправления: